Re: IPSEC help
- From: john decot <johndecot@xxxxxxxxx>
- Date: Thu, 22 Nov 2007 07:08:21 -0800 (PST)
Hi,
tcpdump shows only isakmp information , there is no information about esp and AH header.
08:05:55.761245 IP 202.70.87.123.isakmp > ws130173.corporate-access.com.isakmp: isakmp: phase 1 ? ident[E]
08:05:55.775403 IP 202.70.87.121 > 202.70.87.123: ICMP redirect ws130173.corporate-access.com to host ws130173.corporate-access.com, length 556
08:05:55.778172 IP 202.70.87.123.isakmp > ws130173.corporate-access.com.isakmp: isakmp: phase 1 ? ident[E]
Regards,
John
VANHULLEBUS Yvan <vanhu_bsd@xxxxxxxxxx> wrote: On Tue, Nov 20, 2007 at 08:46:28AM -0800, john decot wrote:
Hi,[
I have change life time in both side i.e 28800 sec but unlucky again.
2007-11-20 20:27:31: ERROR: ignore information because ISAKMP-SA has not been established yet.
Do a tcpdump/wireshark and have a look at what's in that informational
message...
Yvan.
--
NETASQ
http://www.netasq.com
---------------------------------
Be a better sports nut! Let your teams follow you with Yahoo Mobile. Try it now.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- Re: IPSEC help
- From: VANHULLEBUS Yvan
- Re: IPSEC help
- Prev by Date: Re: chkrootkit V. 0.47
- Next by Date: Re: chkrootkit V. 0.47
- Previous by thread: Re: IPSEC help
- Next by thread: Re: IPSEC help
- Index(es):
Relevant Pages
|
|
